package com.unisound.tracelog.server.config;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                //自定义登录页面
                .loginPage("/ui/login")
                //设置默认的的登录路径
                .loginProcessingUrl("/login")
                //登录成功之后跳转的路径
                .defaultSuccessUrl("/ui/index");

        //开启授权认证
        http.authorizeRequests()
                //将登录路径排除在外
                .antMatchers("/ui/login", "/static/**", "/index/**", "/login/**", "/resource/**", "/tracelog/**", "/error/**").permitAll()
                //所有的请求都需要登录之后才能访问
                .anyRequest().authenticated();

        http.csrf().disable()
                .headers().frameOptions().sameOrigin();
    }

}
